"Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet. Somewhere between 40 and 50 million IPs are vulnerable to at least one of three attacks […]. The two most commonly used UPnP software libraries both contained remotely exploitable vulnerabilities."
If you're a network administrator, be sure to check it out. Rapid 7 is offering a tool called ScanNow UPnP (which requires Java RE) that can identify exposed UPnP endpoints in your network.